How can I use if conditions to check for bitwise existence? I have an Flag's enum (in c#) and I want to do different operations in logstash according to its value.
logstash does not directly support bitwise conditionals. You can use a ruby filter to convert the enum to a string
ruby { code => 'flag = event.get("Flags"); if flag { event.set("[@metadata][flags]", flag.to_i.to_s(2)) }' }
then pick it apart using grok to select each bit and then test each of them using conditionals. It may be easier to do the whole thing in ruby.